Developer Reference

Hash Functions

The MD5 algorithm is considered weak due to known attacks on it. The functionality remains in the library, but the implementation will no longer be optimized and no security patches will be applied. A more secure alternative is available: SHA-2. For more information, see Fast Collision Attack on MD5 (https://eprint.iacr.org/2013/170.pdf) and How to Break MD5 and Other Hash Functions (http://merlot.usc.edu/csac-f06/papers/Wang05a.pdf).
The functions described in this section apply hash algorithms to digest streaming messages.
The usage model of the generalized hash functions is similar to the model explained below.
A primitive implementing a hash algorithm uses the state context IppsHashState as an operational vehicle to carry all the variables needed to manage the computation of the chaining digest value.
The following example illustrates how application code can apply the implemented SHA-1 hash standard to digest the input message stream.
  1. Call the function HashGetSize to get the size required to configure the IppsHashState context.
  2. Ensure that the required memory space is properly allocated. With the allocated memory, call the HashInit function with the value of hashAlg equal to ippHashAlg_SHA1 to set up the initial context state with the SHA-1 specified initialization vectors.
  3. Keep calling the function HashUpdate to digest the incoming message stream in the queue until it is complete. To determine the current value of the digest, call HashGetTag between the two calls to HashUpdate.
  4. Call the function HashFinal to pad the partial block into a final SHA-1 message block and transform it into a 160-bit message digest value.
  5. Clean up secret data stored in the context.
  6. Call the operating system memory free service function to release the IppsHashState context.
The IppsHashState context is position-dependent. The HashPack and HashUnpack functions transform this context to a position-independent form and vice versa.
For memory-critical applications, consider using Reduced Memory Footprint Functions.
The crypto community does not consider SHA-1 or MD5 algorithms secure anymore.
Recommendation: use a more secure hash algorithm (for example, any algorithm from the SHA-2 family) instead of SHA-1 or MD5.
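The same init/update/tag/final model with SHA-256, as an added example written with Python's standard hashlib module as a stand-in; it is not code from this reference and does not use the library's C API. It reads the running digest between updates, compares the final digest in constant time, and refuses the SHA-1 and MD5 algorithms advised against above. The names `digest_stream`, `verify_stream`, `WEAK` and the sample chunks are constructed for this example.

```python
import hashlib
import hmac

# Algorithms the text above calls out as no longer secure; refused here.
WEAK = {"md5", "sha1"}

def digest_stream(chunks, alg="sha256", tag_after=()):
    """Digest an iterable of byte chunks with the init/update/tag/final model.

    Returns (final_hex, running), where running maps a chunk index to the
    digest of everything consumed up to and including that chunk.
    """
    if alg.lower() in WEAK:
        raise ValueError(f"{alg} is not acceptable; use a SHA-2 algorithm")
    state = hashlib.new(alg)              # allocate and initialise the context
    running = {}
    for i, chunk in enumerate(chunks):
        state.update(chunk)               # absorb the next piece of the stream
        if i in tag_after:
            # hexdigest() does not finalise the object, so later update()
            # calls continue the same message (the "current digest" read).
            running[i] = state.hexdigest()
    return state.hexdigest(), running     # digest of the whole stream

def verify_stream(chunks, expected_hex, alg="sha256"):
    """Return True if the streamed digest equals expected_hex."""
    actual, _ = digest_stream(chunks, alg)
    # Constant-time comparison avoids leaking how many characters matched.
    return hmac.compare_digest(actual, expected_hex.lower())

# Constructed sample input: the message "abc" split across three chunks.
SAMPLE_CHUNKS = [b"a", b"b", b"c"]
# SHA-256("abc"), the standard short-message test vector.
ABC_SHA256 = "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"

if __name__ == "__main__":
    final, running = digest_stream(SAMPLE_CHUNKS, tag_after={0, 1})
    print("final  :", final)
    print("running:", running)
    print("match  :", verify_stream(SAMPLE_CHUNKS, ABC_SHA256))
```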
